cancel
Showing results for 
Search instead for 
Did you mean: 

MA 5.0 location in the registry of the custom props

we consider to migrate to MA 5.0. We use custom props in the registry. Is this still possible with MA 5.0 and where are these in the regsitry?

Regards Tom

17 Replies

Re: MA 5.0 location in the registry of the custom props

You can still use custom properties but they are not stored in the registry anymore, see KB83622.

McAfee KnowledgeBase - Custom properties are not reported to ePO after upgrading from MA 4.8 to MA 5...

Re: MA 5.0 location in the registry of the custom props

I took a look at look at the MA.Db  file, and have no idea how we are supposed to write to it with our 3rd party software, We have been modifying the custom props at image time. We have been populating it to identify things like, Surface Pros and tell EPO how to tag a particular type of system.

I note that EPO still cannot tell the difference between a tablet and a laptop. We have been able to use the custom props to address this. Now. How are we supposed to pre -populate this information? The ma.db appears to contain mostly binary information, and I cannot for the life of me find a clear text line that says "Custom Props"

Is there some sort of tool we can use to edit this file?

Reliable Contributor andrep1
Reliable Contributor
Report Inappropriate Content
Message 4 of 18

Re: MA 5.0 location in the registry of the custom props

I have this script I use to take care of that, in our context what this script does is to collect hardware information and last reboot time and updates the custom props.

It accounts for MA4 and MA5 in different locations.

The ma5x sub is the part you want. It is not pretty but it is the only approved way...

option explicit
on error resume next

Dim strComputer, objReg, objItem, objWMIService, colItems,  strValue, strExecName, strExecParams
Dim strModel, strCompany, strSerial, strBootTime
Dim objShell
Dim strKeyPath, strValueName
const HKEY_LOCAL_MACHINE = &H80000002

'Main
strComputer = "."
Set objReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &strComputer & "\root\default:StdRegProv")

Call GetInfo

if AgentMajorVer() = 4 then
MA4x()
else
MA5x()
end if

set objReg = Nothing
wscript.quit
'end
'--------------------------------------
'Get the data from WMI
'--------------------------------------
Sub GetInfo
Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\CIMV2")

Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_ComputerSystem",,48)
For Each objItem in colItems
  strModel = objItem.Model
Next

Set colItems = objWMIService.ExecQuery("SELECT * FROM Win32_BIOS",,48)
For Each objItem in colItems
  strCompany = objItem.Manufacturer
  strSerial = objItem.SerialNumber
Next

Set colItems = objWMIService.ExecQuery ("Select * from Win32_OperatingSystem",,48)
For Each objItem in colItems
  strBootTime = left(objItem.LastBootUpTime,8)& "_" & mid(objItem.LastBootUpTime,9 ,4)
Next

set objWMIService = Nothing
End Sub
'--------------------------------------
'Determine McAfee agent major version
'--------------------------------------
Function AgentMajorVer
strKeyPath = "SOFTWARE\Network Associates\ePolicy Orchestrator\Agent\CustomProps"
objReg.GetStringValue HKEY_LOCAL_MACHINE, "SOFTWARE\Network Associates\TVD\Shared Components\Framework\", "Version", strValue
AgentMajorVer = CINT(left(strValue,1))
End Function

'--------------------------------------
sub MA4x
strKeyPath = "SOFTWARE\Network Associates\ePolicy Orchestrator\Agent\CustomProps"
objReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath

strKeyPath = "SOFTWARE\Network Associates\ePolicy Orchestrator\Agent\CustomProps"

strValueName = "CustomProps1"
strValue = strCompany
objReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue

strValueName = "CustomProps2"
strValue = strModel
objReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue

strValueName = "CustomProps3"
strValue = strSerial
objReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue

strValueName = "CustomProps4"
strValue = strBootTime
objReg.SetStringValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,strValue
end sub

'--------------------------------------
sub MA5x
objReg.GetStringValue HKEY_LOCAL_MACHINE, "SOFTWARE\McAfee\Agent", "InstallPath", strValue

strExecName = chr(34) & strValue & "maconfig.exe" & chr(34)
strExecParams = " -custom " & "-prop1 " & chr(34) & strCompany & chr(34) & " -prop2 " & chr(34) & strModel & chr(34) & " -prop3 " & chr(34) & strSerial & chr(34) & " -prop4 " & chr(34) & strBootTime & chr(34)

Set objShell = WScript.CreateObject( "WScript.Shell" )
objShell.run(strExecName&strExecParams),0,true
end sub

Re: MA 5.0 location in the registry of the custom props

Hi Andre

Have packaged up a version of your script to be deployed via ePO using the EEDK 9.6.0 build.

Even using your virgin script it fails to complete when deployed. If I look at task manager I see a wscript.,exe process still open.

The scripts run perfectly if run manually on the local machine. I do have other packaged scripts that I use that do work.. I think the issue is something to do with the calling of the MACONFIG.EXE file followed by the arguments.

Do you have any ideas?

Regards

Steve.

tabrezg
Level 9
Report Inappropriate Content
Message 6 of 18

Re: MA 5.0 location in the registry of the custom props

Hi Steve,

i have attached package which i am using to get the device inventories like, serial number, Make, Model, may be it can help you if that is what you want to achieve. you can add one more custom field as per your requirement which i am not using in the script.

McAfee Employee moekhass
McAfee Employee
Report Inappropriate Content
Message 7 of 18

Re: MA 5.0 location in the registry of the custom props

​, thanks for the zip file. I will test.

I slightly modified the powershell script. I was hoping to get dns servers list but it doesn't play nicely with epo custom field.

$Model = Get-WmiObject -class Win32_ComputerSystem | select -expand Model

$PRIMARYOWNER = Get-WmiObject Win32_Computersystem | select -expand PrimaryOwnerName

$BOOTUP = Get-WmiObject Win32_OperatingSystem | select @{LABEL=' ';EXPRESSION={$_.ConverttoDateTime($_.LastBootUpTime)}}

$DHCP = Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter "DHCPEnabled=true" -ComputerName . | select DHCPServer

$DNS = Get-WmiObject -Class Win32_NetworkAdapterConfiguration -ComputerName . | select DNSServerSearchOrder

#Output including GPO text to confirm it's working

& $MAC "-custom" "-prop1" "System Model = $Model" "-prop2" "Primary Owner = $PRIMARYOWNER" "-prop3" "Boot-up Time $BOOTUP" "-prop4" "Networking $DHCP $DNS"

Re: MA 5.0 location in the registry of the custom props

Hi tabrezg,

Could you please explain how did you use EEDK for create a ePO package with powershell + bat file in same time ?

Please send us a screenshot from the eedk tool before creating DEVINVT66121.zip

Many thanks

McAfee Employee moekhass
McAfee Employee
Report Inappropriate Content
Message 9 of 18

Re: MA 5.0 location in the registry of the custom props

​, they key here is that you have both inventory.bat and inventory.ps1 in the same directory. It's the batch file that calls powershell script. Here's the content of each file (my iteration):

inventory.bat (no need to change this file)

@ECHO OFF

PowerShell.exe -NoProfile -ExecutionPolicy Bypass -Command "& '%~dpn0.ps1'"

inventory.ps1 (you have to change some variables or keep it as it is.)

# Both Install Locations Covered below.

$MAC = "C:\Program Files\McAfee\Agent\maconfig.exe"

If(-not(Test-Path -Path $MAC))

  {

   $MAC = "C:\Program Files(x86)\McAfee\Common Framework\maconfig.exe"

  }

#WMI Queried (below are All IP's and Hardware but others can be added)

$Model = Get-WmiObject -class Win32_ComputerSystem | select -expand Model

$PRIMARYOWNER = Get-WmiObject Win32_Computersystem | select -expand PrimaryOwnerName

$BOOTUP = Get-WmiObject Win32_OperatingSystem | select @{LABEL=' ';EXPRESSION={$_.ConverttoDateTime($_.LastBootUpTime)}}

$WFWALL = Get-Service MpsSvc | select Status

# $DHCP = Get-WmiObject -Class Win32_NetworkAdapterConfiguration -Filter "DHCPEnabled=true" -ComputerName . | select DHCPServer

# $DNS = Get-WmiObject -Class Win32_NetworkAdapterConfiguration -ComputerName . | select DNSServerSearchOrder

#Output including GPO text to confirm it's working

& $MAC "-custom" "-prop1" "System Model = $Model" "-prop2" "Primary Owner = $PRIMARYOWNER" "-prop3" "Boot-up Time $BOOTUP" "-prop4" "Windows Firewall $WFWALL"

Screenshot : EEDK (make sure to save the project file first before clicking the build button. otherwise it will give you errors). The most important thing here is the "command to run" option has to = inventory.bat

Highlighted

Re: MA 5.0 location in the registry of the custom props

OK, So, McAfee has a utility for modifying the custom props in MA5, much simpler than the above solution. It's called maconfig.exe. We found this out by opening a ticket. I'm sorry for Andre who dd all the programming work for nothing. We opened a ticket with support and this is what we found.

You will find MAConfig it in one of 2 places. On fresh MA5 installs it will be here:

C:\Program Files\McAfee\Agent
On Upgrade installs, you will find it here;

C:\Program Files (x86)\McAfee\Common Framework\maconfig.exe

The Syntax for changing a custom props is as follows:

"C:\Program Files (x86)\McAfee\Common Framework\maconfig.exe" -custom -prop1 "YourValue"

or

"C:\Program Files\McAfee\Agent\maconfig.exe" -custom -prop1 "YourValue"

You can substitute the -prop1 value for any of the 4, I think you can add multiple ones on the same line. You will have to experiment.

To get a full list of maconfig functions  maconfig.exe -help

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community